Apple’s AirPlay feature, praised for its convenience, may also be putting users at significant risk of cyberattacks.
Cybersecurity experts at Oligo have uncovered critical weaknesses in AirPlay, revealing that hackers can exploit these flaws to take control of devices connected to the same Wi-Fi network.
AirPlay enables users to wirelessly transmit audio, video, and images from an Apple device to other Apple products or supported third-party hardware that incorporates the technology.
Wired reported that a total of 23 security holes — collectively labeled “AirBorne” — were identified in both Apple’s AirPlay system and the software development kit used by third-party manufacturers to enable AirPlay on their devices.
In a proof-of-concept video, the researchers showed how a Bose speaker with AirPlay functionality could be targeted over a shared network, allowing for a Remote Code Execution (RCE) attack. The screen of the speaker was remotely manipulated to show the “AirBorne” label.
The team warned that this method could theoretically be used to access microphones on compromised devices, potentially allowing for covert surveillance.
Gal Elbaz, Chief Technology Officer at Oligo, explained to Wired that the scope of potentially affected devices is vast.
“Because AirPlay is supported in such a wide variety of devices, there are a lot that will take years to patch — or they will never be patched,” Elbaz explained. “And it’s all because of vulnerabilities in one piece of software that affects everything.”
Oligo alerted Apple to the flaws last fall and continued to work closely with the company over the following months to develop appropriate fixes. The public disclosure of their research came on Tuesday.
Apple addressed the vulnerabilities in its own devices with software updates released March 31, applying patches to iOS 18.4, iPadOS 18.4, macOS Ventura 13.7.5, macOS Sonoma 14.7.5, macOS Sequoia 15.4, and visionOS 2.4.
Despite these patches, third-party devices that support AirPlay remain at risk. Oligo said that it’s now up to manufacturers to issue updates that users can install to shield their devices from potential breaches.
In a statement to Wired, Apple confirmed it had made patches available for these third-party systems, but clarified that “limitations” exist in the kind of attacks that could actually be performed on AirPlay-enabled devices exploiting these bugs.
The researchers added that vehicles equipped with CarPlay are susceptible too. If a hacker is close by and the Wi-Fi hotspot password is “default, predictable, or known,” they may be able to launch a remote attack.
To guard against these vulnerabilities, Oligo offered several steps users should take immediately:
Update your devices: Ensuring that all AirPlay-capable devices are running the most current software is critical to reducing the chances of an attack.
Disable AirPlay Receiver: Turning off the AirPlay feature when not in use can close off a major potential entry point.
Only use AirPlay with trusted devices: Restrict usage to familiar and secure devices to reduce exposure.
Modify AirPlay Settings: Navigate to Settings > AirPlay & Continuity (or AirPlay & Handoff) and set “Allow AirPlay for” to Current User. Although not a total fix, the researchers say this limits the ways the protocol can be exploited.
Avoid using AirPlay on public networks: AirPlay should not be used over public Wi-Fi, as this increases the risk of external breaches.
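For administrators applying the "update your devices" step across many machines, the following is an added example, not code from Oligo, Apple, or this article. It checks an inventory against the fixed releases named above; the function names and inventory rows are constructed, and it assumes a major release newer than any listed already carries the fixes.

```python
# Added example: version floors are the releases this article names as fixed.
FIXED = {
    "iOS": {18: (18, 4, 0)},
    "iPadOS": {18: (18, 4, 0)},
    "visionOS": {2: (2, 4, 0)},
    "macOS": {13: (13, 7, 5), 14: (14, 7, 5), 15: (15, 4, 0)},
}

def parse_version(text):
    """'14.7.5' -> (14, 7, 5); missing components count as 0."""
    parts = [int(p) for p in text.strip().split(".")]
    return tuple(parts + [0] * (3 - len(parts)))

def airborne_status(os_name, version):
    """Classify one device as patched / needs-update / no-fix-listed / unknown."""
    branches = FIXED.get(os_name)
    if branches is None:
        return "unknown"        # e.g. third-party AirPlay hardware: no fixed version given here
    try:
        v = parse_version(version)
    except ValueError:
        return "unknown"        # unparseable version string, review by hand
    if v[0] > max(branches):
        return "patched"        # assumption: later major releases include the fixes
    floor = branches.get(v[0])
    if floor is None:
        return "no-fix-listed"  # this release branch is not among the fixed versions above
    return "patched" if v >= floor else "needs-update"

def triage(inventory):
    """Return {host: status} for every device that is not confirmed patched."""
    findings = {}
    for host, os_name, version in inventory:
        status = airborne_status(os_name, version)
        if status != "patched":
            findings[host] = status
    return findings

# Constructed sample inventory (hostnames and versions are illustrative).
INVENTORY = [
    ("mac-design-01", "macOS", "14.7.4"),
    ("mac-dev-02", "macOS", "15.4.1"),
    ("ipad-kiosk", "iPadOS", "18.3.2"),
    ("mac-lab-old", "macOS", "12.7.6"),
    ("lobby-speaker", "third-party AirPlay SDK", "unknown"),
]

if __name__ == "__main__":
    for host, status in triage(INVENTORY).items():
        print(f"{host}: {status}")
```

Devices reported as "unknown" or "no-fix-listed" are the ones to cover with the other steps in the list, such as disabling the AirPlay receiver.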
{Matzav.com}